var-201912-0057
Vulnerability from variot
There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash. CampusInsight Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The following products and versions are affected: CampusInsight V100R019C00
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-0057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "campusinsight",
"scope": "eq",
"trust": 1.6,
"vendor": "huawei",
"version": "v100r019c00"
},
{
"model": "campusinsight",
"scope": "lt",
"trust": 0.8,
"vendor": "huawei",
"version": "v100r019c00spc200"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
},
{
"db": "NVD",
"id": "CVE-2019-5278"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:huawei:campusinsight",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Huawei",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
}
],
"trust": 0.6
},
"cve": "CVE-2019-5278",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2019-5278",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-156713",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2019-5278",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-5278",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-5278",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-5278",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-201",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-156713",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-156713"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
},
{
"db": "NVD",
"id": "CVE-2019-5278"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash. CampusInsight Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The following products and versions are affected: CampusInsight V100R019C00",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5278"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"db": "VULHUB",
"id": "VHN-156713"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5278",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013325",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201912-201",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-156713",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-156713"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
},
{
"db": "NVD",
"id": "CVE-2019-5278"
}
]
},
"id": "VAR-201912-0057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-156713"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:16:46.111000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20191204-01-gauss100",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-gauss100-en"
},
{
"title": "Huawei Gauss100 OLTP Database buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105252"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-156713"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"db": "NVD",
"id": "CVE-2019-5278"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-gauss100-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5278"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5278"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-01-gauss100-cn"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-156713"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
},
{
"db": "NVD",
"id": "CVE-2019-5278"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-156713"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
},
{
"db": "NVD",
"id": "CVE-2019-5278"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-156713"
},
{
"date": "2019-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"date": "2019-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-201"
},
{
"date": "2019-12-13T22:15:11.747000",
"db": "NVD",
"id": "CVE-2019-5278"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-19T00:00:00",
"db": "VULHUB",
"id": "VHN-156713"
},
{
"date": "2019-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013325"
},
{
"date": "2019-12-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-201"
},
{
"date": "2024-11-21T04:44:39.543000",
"db": "NVD",
"id": "CVE-2019-5278"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CampusInsight Vulnerable to out-of-bounds reading",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013325"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-201"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…